Dave Cater

Security references

 
This page includes references to interesting security-related books, Internet sites, and so on.

Security books

Web Security and Commerce, by Simson Garfinkel and Gene Spafford (published by O'Reilly and Associates: http://www.oreilly.com) ISBN 1-56592-269-7. A good general introduction to security concepts as well as an essential reference on PC and browser security, digital certificates and trust, encryption and public key infrastructures, and much more.

Practical UNIX and Internet Security, by Simson Garfinkel and Gene Spafford (published by O'Reilly and Associates: http://www.oreilly.com) ISBN 1-56592-148-8. This book concentrates on UNIX system administration, including network security, WWW server administration, firewalls, and so on. Running to nearly 1000 pages in its second edition, it goes into enough detail to be a really practical guide. Having read through most of it, I think the authors achieved the remarkable feat of being relevant to most common flavours of UNIX. The book has also aged well.

Security sites

http://www.rsasecurity.com/ RSA Data Security - specialists in encryption and key management.
http://www.ssh.com SSH Communications Security - the home of the SSH protocol and associated secure data transfer tools.
http://www.ietf.org Security-related work at the IETF (home of Internet protocols).
http://www.verisign.com Supplier of security software and services, including digital certificates frequently used in secure payment systems.
http://www.entrust.com Supplier of security infrastructure software.
http://www.securecomputing.com Supplier of software for extranets (interconnected private networks) including firewalls and access control.

Introductions and FAQ lists

The RSA FAQ list is a good introduction to the subject and the terminology.

The WWW Security FAQ list is another good introduction, concentrating on security issues likely to affect WWW servers.